Versions Compared

Old Version 37

changes.mady.by.user Tomasz Wolniewicz

Saved on

compared with

New Version 38

changes.mady.by.user Tomasz Wolniewicz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

NameAccess locationDescriptionManaged by
MDShttps://mds.edugain.orgeduGAIN Metadata Distribution Service (MDS) is the central component of the eduGAIN service as a whole. For the  detailed description and procedures used in the eduGAIN metadata aggregate distributed by MDS see [eduGAIN-meta]. The eduGAIN metadata aggregate is produced on a separate, secured host (mds-feed) and it is copied to the distribution hosts and served form from there by the http server. The file is updated hourly.OT
The technical sitehttps://technical.edugain.orgThe technical site is directed primarily at the federation level thechnical personel. It provides information about eduGAIN members, details about their participation. The technical site is also the distribution point of documentation and the home for several core and supplementary services.OT
Validatorhttps://validator.edugain.orgThe eduGAIN validator is a service designed for validating metadata adherence to standards and eduGAIN requirements. The software has been created primarily as a component for the eduGAIN metadata aggregation and the details of validation rules are given im [eduGAIN-meta]. The same software enriched by a GUI is used as a tool for manual validation of metadata and serves as a support tool for federation operators.OT
eduGAIN status informationhttps://technical.edugain.org/statusThis status page provides a view of the eduGAIN database in the part relevant to membership information and the current status of metadata aggregation. The page also displays short summary information about numbers of entities in eduGAIN. The interface provides links to scans of the eduGAIN declaration documents signed by federations, direct links to metadata validation, links to contacts, metadata sources etc.OT
Entities database GUIhttp://technical.edugain.org/entiesThis service is an interface to the part of the eduGAIN database which stores information about entities themselves. The interface has many filtering mechanisms and also allows for CSV download for further processing in a spreadsheet.OT
eduGAIN database APIhttps://technical.edugain.org/apiThe API provides access to most of information stored in the database. In particular, the API may be used by the federations to monitor the eduGAIN aggregation process. Other uses are statistics of various sorts or even download of membership maps.OT

...

  • there is a immediate reject form the from the federation mail server,
  • there is no reply within 24 hours,
  • the metadata validUntil period is under 14 hours

...

It must be realised that that the case of all entities supplied by a large federation being deleted form eduGAIN from eduGAIN has heavy consequences - other participating federations will naturally have to drop these entities. When the federation metadata feed becomes available again, other federations may be forced into running emergency regeneration of their metadata, service providers may observe limited breaks in their service. Therefore the eduGAIN OT is making all possible effort to avoid such situations. If the eduGAIN OT realises a very special situation it is allowed to temporarily stop aggregation in order to avoid the deletion of of the federation but it MUST immediately notify the eduGAIN SG that such measures have been taken.

...

  • general and contact information about participating and candidate federations
  • operational information about participating and candidate federations like metadata URLs, signing keys, registrationAuthority values
  • operational information about the metadata aggregation process including details about metadata acquiring form from participating federations, results of metadata validation, cache timers for individual participant federations
  • operational information about entities published through eduGAIN derived from the metadata
  • statistics derived from metadata aggregation, like numbers of entities published by individual federations and much more
  • information collected from supporting monitoring services like ECCS, CoCo

...

  1. The edugain-db and mds-feed hosts are located in a secured private network and can be accessed only form from a single host in the PSNC network.
  2. The access to this single host is only available over SSH and only from a limited list of IP addresses.
  3. The federation signing keys can only be stored in the edugain-db with a process that needs to be run directly on the db host. This requires that the OT copy the key to the database host and run the process manually. The key is added to the database only when the decision to actually admint the federation metadata to eduGAIN has been taken. This is an additional security procedure guarding against a mistake in assigning the level of participation for a federation.
  4. The eduGAIN signing key is stored on the mds-feed host, where the whole process of aggregation and signing is run hourly. This host cannot be reached form the from the external network. The resulting signed aggregate is then moved th to the distribution host as described in the Metadata aggregation related procedures section.

...